Stop removing the control socket on exit and tighten the unveil even

further. This is in line with what other networking daemons do. ok mestre@
author: remi <remi@openbsd.org> 2020-09-16 20:50:10 +0000
committer: remi <remi@openbsd.org> 2020-09-16 20:50:10 +0000
commit: faef135eb5208cabc87ebab38a843f99e0929c39 (patch)
tree: 3ba2631b999e906564af4445bac6665ceb92b206 /usr.sbin
parent: Apparently some time ago I moved the timeout argument to the final position (diff)
download: wireguard-openbsd-faef135eb5208cabc87ebab38a843f99e0929c39.tar.xz
wireguard-openbsd-faef135eb5208cabc87ebab38a843f99e0929c39.zip
6 files changed, 14 insertions, 21 deletions
diff --git a/usr.sbin/ospf6d/control.c b/usr.sbin/ospf6d/control.c
index 72f91b42faa..0bb41a70e34 100644
--- a/usr.sbin/ospf6d/control.c
+++ b/usr.sbin/ospf6d/control.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: control.c,v 1.28 2020/01/01 10:09:34 denis Exp $ */
+/*	$OpenBSD: control.c,v 1.29 2020/09/16 20:50:10 remi Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -124,13 +124,10 @@ control_listen(void)
 }
 
 void
-control_cleanup(char *path)
+control_cleanup(void)
 {
-	if (path == NULL)
-		return;
 	event_del(&control_state.ev);
 	event_del(&control_state.evt);
-	unlink(path);
 }
 
 /* ARGSUSED */
diff --git a/usr.sbin/ospf6d/control.h b/usr.sbin/ospf6d/control.h
index dc91fd09cee..67dbfe99467 100644
--- a/usr.sbin/ospf6d/control.h
+++ b/usr.sbin/ospf6d/control.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: control.h,v 1.6 2018/09/01 19:21:10 remi Exp $ */
+/*	$OpenBSD: control.h,v 1.7 2020/09/16 20:50:10 remi Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -40,6 +40,6 @@ int	control_listen(void);
 void	control_accept(int, short, void *);
 void	control_dispatch_imsg(int, short, void *);
 int	control_imsg_relay(struct imsg *);
-void	control_cleanup(char *);
+void	control_cleanup(void);
 
 #endif	/* _CONTROL_H_ */
diff --git a/usr.sbin/ospf6d/ospf6d.c b/usr.sbin/ospf6d/ospf6d.c
index ff8b82310af..4afe786eb41 100644
--- a/usr.sbin/ospf6d/ospf6d.c
+++ b/usr.sbin/ospf6d/ospf6d.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ospf6d.c,v 1.47 2020/06/26 19:06:52 bket Exp $ */
+/*	$OpenBSD: ospf6d.c,v 1.48 2020/09/16 20:50:10 remi Exp $ */
 
 /*
  * Copyright (c) 2005 Claudio Jeker <claudio@openbsd.org>
@@ -274,7 +274,8 @@ main(int argc, char *argv[])
 		fatalx("control socket setup failed");
 	main_imsg_compose_ospfe_fd(IMSG_CONTROLFD, 0, control_fd);
 
-	if (unveil(ospfd_conf->csock, "c") == -1)
+	/* no filesystem visibility */
+	if (unveil("/", "") == -1)
 		fatal("unveil");
 	if (unveil(NULL, NULL) == -1)
 		fatal("unveil");
@@ -303,7 +304,7 @@ ospfd_shutdown(void)
 	msgbuf_clear(&iev_rde->ibuf.w);
 	close(iev_rde->ibuf.fd);
 
-	control_cleanup(ospfd_conf->csock);
+	control_cleanup();
 	kr_shutdown();
 	carp_demote_shutdown();
 
diff --git a/usr.sbin/ospfd/control.c b/usr.sbin/ospfd/control.c
index 09733bc407e..b9824b55ed7 100644
--- a/usr.sbin/ospfd/control.c
+++ b/usr.sbin/ospfd/control.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: control.c,v 1.45 2018/08/29 08:43:16 remi Exp $ */
+/*	$OpenBSD: control.c,v 1.46 2020/09/16 20:50:10 remi Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -125,13 +125,10 @@ control_listen(void)
 }
 
 void
-control_cleanup(char *path)
+control_cleanup(void)
 {
-	if (path == NULL)
-		return;
 	event_del(&control_state.ev);
 	event_del(&control_state.evt);
-	unlink(path);
 }
 
 /* ARGSUSED */
diff --git a/usr.sbin/ospfd/control.h b/usr.sbin/ospfd/control.h
index ce2a6d02c1d..02df29924ee 100644
--- a/usr.sbin/ospfd/control.h
+++ b/usr.sbin/ospfd/control.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: control.h,v 1.7 2018/08/29 08:43:16 remi Exp $ */
+/*	$OpenBSD: control.h,v 1.8 2020/09/16 20:50:10 remi Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -40,6 +40,6 @@ int	control_listen(void);
 void	control_accept(int, short, void *);
 void	control_dispatch_imsg(int, short, void *);
 int	control_imsg_relay(struct imsg *);
-void	control_cleanup(char *);
+void	control_cleanup(void);
 
 #endif	/* _CONTROL_H_ */
diff --git a/usr.sbin/ospfd/ospfd.c b/usr.sbin/ospfd/ospfd.c
index 5d00cc81912..0f8f0e8485e 100644
--- a/usr.sbin/ospfd/ospfd.c
+++ b/usr.sbin/ospfd/ospfd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ospfd.c,v 1.113 2020/06/26 19:04:38 bket Exp $ */
+/*	$OpenBSD: ospfd.c,v 1.114 2020/09/16 20:50:10 remi Exp $ */
 
 /*
  * Copyright (c) 2005 Claudio Jeker <claudio@openbsd.org>
@@ -282,8 +282,6 @@ main(int argc, char *argv[])
 
 	if (unveil("/", "r") == -1)
 		fatal("unveil");
-	if (unveil(ospfd_conf->csock, "c") == -1)
-		fatal("unveil");
 	if (unveil(NULL, NULL) == -1)
 		fatal("unveil");
 
@@ -318,7 +316,7 @@ ospfd_shutdown(void)
 	msgbuf_clear(&iev_rde->ibuf.w);
 	close(iev_rde->ibuf.fd);
 
-	control_cleanup(ospfd_conf->csock);
+	control_cleanup();
 	while ((r = SIMPLEQ_FIRST(&ospfd_conf->redist_list)) != NULL) {
 		SIMPLEQ_REMOVE_HEAD(&ospfd_conf->redist_list, entry);
 		free(r);
author	remi <remi@openbsd.org>	2020-09-16 20:50:10 +0000
committer	remi <remi@openbsd.org>	2020-09-16 20:50:10 +0000
commit	faef135eb5208cabc87ebab38a843f99e0929c39 (patch)
tree	3ba2631b999e906564af4445bac6665ceb92b206 /usr.sbin
parent	Apparently some time ago I moved the timeout argument to the final position (diff)
download	wireguard-openbsd-faef135eb5208cabc87ebab38a843f99e0929c39.tar.xz wireguard-openbsd-faef135eb5208cabc87ebab38a843f99e0929c39.zip